Linux builds HTTPS server

I. Installation and preparation

1. Install OpenSSL

To enable Apache to support SSL, you need to first install OpenSSL support. This is openssl-0.9.8k.tar.gz.

Download openssl:http://www.openssl.org/source/

TAR-ZXF openssl-0.9.8k.tar.gz/Decompression installation package

CD openssl-0.9.8k//into the unpacked installation package

./config//Configuration installation. Recommended use of default configuration

Make && make Install//compilation and installation

OpenSSL will be installed by default to/usr/local/ssl

2. Install Apache

Download the httpd source code from the http://httpd.apache.org/, here is the use of httpd2.2.22;

./configure--prefix=/usr/local/httpd2.2.22--enable-so--enable-ssl--with-ssl=/usr/local/ssl--enable-mods-shared =all//Configuration installation. Recommended Dynamic Compilation Module

Make && make install

Dynamically compiling Apache module to facilitate the load management of the module. Apache will be installed to/usr/local/apache

Second, generate certificates

To quickly build an available HTTPS server, you need to be in the/usr/local/httpd2.2.22/conf/directory

(can also be generated in a different directory, copy the generated files to the/usr/local/httpd2.2.22/conf/directory)

Run the following command in turn:

1. OpenSSL req-new-text-out Server.req

2. OpenSSL rsa-in privkey.pem-out Server.key

3. OpenSSL req-x509-in server.req-text-key server.key-out server.crt

The concrete can refer to OpenSSL document;

Three, the Apache configuration

Open the httpd.conf file in the Conf directory under the Apache installation directory to find

#LoadModule Ssl_module modules/mod_ssl.so

Deletes the configuration statement annotation symbol "#" at the beginning of the line

Save exit.

Open the ssl.conf file in the Conf directory under the Apache installation directory to find

Locate the following configuration statement in the configuration file

Sslcertificatefile CONF/SSL.CRT/SERVER.CRT Configure the server certificate to the path

Sslcertificatekeyfile Conf/ssl.key/server.key Configure the server certificate private key to the path

#SSLCertificateChainFile CONF/SSL.CRT/CA.CRT Deletes the "#" annotation character at the beginning of the line and configures the intermediate CA certificate intermediate.crt to the path

Save exit and restart Apache. Restart mode:

Enter the bin directory under the Apache installation directory and run the following command

./apachectl-k-stop

./apachectl Start

Access your site by using HTTPS to test the installation configuration of the site certificate.

At this point, the server can be accessed through HTTP and HTTPS;

        Note : more Wonderful tutorials please focus on the Triple computer Tutorials section, triple Computer office group: 189034526 Welcome to join